Avalanche (botnet)

Avalanche (also known as Avalanche Gang ) is a botnet and an international cyber criminal group behind it on the Internet that has become known through extensive phishing attacks. A total of twenty different bot networks were operated in this network, which were used, for example, to distribute spam and phishing e-mails as well as malware such as ransomware and Trojans in online banking .

history

The Avalanche network was discovered at the end of 2008 and, according to US sources, in 2009 it was responsible for two-thirds of all phishing attempts.

On December 1, 2016, the public prosecutor's office in Verden announced that, after four years of investigations and in international cooperation, suspected leaders of the group had been arrested and 39 servers had been confiscated. In addition, 221 servers were separated from the Internet by providers and more than 800,000 domains were seized or blocked. The cooperation extended from the Central Criminal Inspectorate in Lüneburg and the Verden public prosecutor to the FBI , the “United States Attorney's Office for the Western District of Pennsylvania”, the “Department of Justice” and the security authorities of 39 “European and non-European states”. 16 suspects were identified and arrest warrants were issued against seven suspects.

At the same time, on November 30, 2016, searches and seizures of servers and domains took place in ten countries, in which the international organizations Europol ( European Center for the Fight against Cybercrime (EC3)) and Eurojust were involved, and beforehand by the Federal Office for Security in the Information Technology (BSI) and the Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE) over 100 terabytes of data had been analyzed. The break-up was supported by the organizations Interpol , Shadowserver Foundation , Registrar of Last Resort and ICANN .

Bank customers who have had their data stolen have an average of more than 5000 euros stolen. More than a million spam emails were sent each week .

Web links

Huge botnet "Avalanche" destroyed: heavy blow against cyber criminals (on chip.de)
Investigators hit the botnet heavyweight Avalanche (on heise.de)
'Avalanche' Global Fraud Ring Dismantled (on krebsonsecurity.com)

Individual evidence

↑ ^a ^b Botnet infrastructure "Avalanche" excavated , Federal Office for Information Security , accessed on December 5, 2016
↑ ^a ^b ^c 'Avalanche' Network Dismantled in International Cyber Operation , europol.europa.eu of December 1, 2016, accessed on December 4, 2016
↑ Avalanche, one of the world's largest infrastructures for the use of botnets, was discovered and analyzed in international cooperation , Verden public prosecutor's office on December 1, 2016, accessed on December 5, 2016

[BSI-1] Botnet infrastructure "Avalanche" excavated , Federal Office for Information Security , accessed on December 5, 2016

[EuroPol-2] 'Avalanche' Network Dismantled in International Cyber Operation , europol.europa.eu of December 1, 2016, accessed on December 4, 2016

[3] Avalanche, one of the world's largest infrastructures for the use of botnets, was discovered and analyzed in international cooperation , Verden public prosecutor's office on December 1, 2016, accessed on December 5, 2016